Re: [PATCH v3] drm/mediatek: dsi: Store driver data before invoking mipi_dsi_host_register

[CK Hu (胡俊光)]

On Wed, 2026-02-25 at 09:38 +0000, Luca Leonardo Scorcia wrote:
> External email : Please do not click links or open attachments until you have verified the sender or the content.
> 
> 
> The call to mipi_dsi_host_register triggers a callback to mtk_dsi_bind,
> which uses dev_get_drvdata to retrieve the mtk_dsi struct, so this
> structure needs to be stored inside the driver data before invoking it.
> 
> As drvdata is currently uninitialized it leads to a crash when
> registering the DSI DRM encoder right after acquiring
> the mode_config.idr_mutex, blocking all subsequent DRM operations.
> 
> Fixes the following crash during mediatek-drm probe (tested on Xiaomi
> Smart Clock x04g):
> 
> Unable to handle kernel NULL pointer dereference at virtual address
>  0000000000000040
> [...]
> Modules linked in: mediatek_drm(+) drm_display_helper cec drm_client_lib
>  drm_dma_helper drm_kms_helper panel_simple
> [...]
> Call trace:
>  drm_mode_object_add+0x58/0x98 (P)
>  __drm_encoder_init+0x48/0x140
>  drm_encoder_init+0x6c/0xa0
>  drm_simple_encoder_init+0x20/0x34 [drm_kms_helper]
>  mtk_dsi_bind+0x34/0x13c [mediatek_drm]
>  component_bind_all+0x120/0x280
>  mtk_drm_bind+0x284/0x67c [mediatek_drm]
>  try_to_bring_up_aggregate_device+0x23c/0x320
>  __component_add+0xa4/0x198
>  component_add+0x14/0x20
>  mtk_dsi_host_attach+0x78/0x100 [mediatek_drm]
>  mipi_dsi_attach+0x2c/0x50
>  panel_simple_dsi_probe+0x4c/0x9c [panel_simple]
>  mipi_dsi_drv_probe+0x1c/0x28
>  really_probe+0xc0/0x3dc
>  __driver_probe_device+0x80/0x160
>  driver_probe_device+0x40/0x120
>  __device_attach_driver+0xbc/0x17c
>  bus_for_each_drv+0x88/0xf0
>  __device_attach+0x9c/0x1cc
>  device_initial_probe+0x54/0x60
>  bus_probe_device+0x34/0xa0
>  device_add+0x5b0/0x800
>  mipi_dsi_device_register_full+0xdc/0x16c
>  mipi_dsi_host_register+0xc4/0x17c
>  mtk_dsi_probe+0x10c/0x260 [mediatek_drm]
>  platform_probe+0x5c/0xa4
>  really_probe+0xc0/0x3dc
>  __driver_probe_device+0x80/0x160
>  driver_probe_device+0x40/0x120
>  __driver_attach+0xc8/0x1f8
>  bus_for_each_dev+0x7c/0xe0
>  driver_attach+0x24/0x30
>  bus_add_driver+0x11c/0x240
>  driver_register+0x68/0x130
>  __platform_register_drivers+0x64/0x160
>  mtk_drm_init+0x24/0x1000 [mediatek_drm]
>  do_one_initcall+0x60/0x1d0
>  do_init_module+0x54/0x240
>  load_module+0x1838/0x1dc0
>  init_module_from_file+0xd8/0xf0
>  __arm64_sys_finit_module+0x1b4/0x428
>  invoke_syscall.constprop.0+0x48/0xc8
>  do_el0_svc+0x3c/0xb8
>  el0_svc+0x34/0xe8
>  el0t_64_sync_handler+0xa0/0xe4
>  el0t_64_sync+0x198/0x19c
> Code: 52800022 941004ab 2a0003f3 37f80040 (29005a80)
> ---[ end trace 0000000000000000 ]---

Reviewed-by: CK Hu <ck.hu@xxxxxxxxxxxx>

> 
> Fixes: e4732b590a77 ("drm/mediatek: dsi: Register DSI host after acquiring clocks and PHY")
> Signed-off-by: Luca Leonardo Scorcia <l.scorcia@xxxxxxxxx>
> Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@xxxxxxxxxxxxx>
> ---
> v3: Also initialize irq_wait_queue before calling platform_set_drvdata
> v2: Added Fixes tag
> 
>  drivers/gpu/drm/mediatek/mtk_dsi.c | 9 +++++----
>  1 file changed, 5 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/gpu/drm/mediatek/mtk_dsi.c b/drivers/gpu/drm/mediatek/mtk_dsi.c
> index d7726091819c..acee2227275b 100644
> --- a/drivers/gpu/drm/mediatek/mtk_dsi.c
> +++ b/drivers/gpu/drm/mediatek/mtk_dsi.c
> @@ -1232,6 +1232,11 @@ static int mtk_dsi_probe(struct platform_device *pdev)
> 
>         dsi->host.ops = &mtk_dsi_ops;
>         dsi->host.dev = dev;
> +
> +       init_waitqueue_head(&dsi->irq_wait_queue);
> +
> +       platform_set_drvdata(pdev, dsi);
> +
>         ret = mipi_dsi_host_register(&dsi->host);
>         if (ret < 0)
>                 return dev_err_probe(dev, ret, "Failed to register DSI host\n");
> @@ -1243,10 +1248,6 @@ static int mtk_dsi_probe(struct platform_device *pdev)
>                 return dev_err_probe(&pdev->dev, ret, "Failed to request DSI irq\n");
>         }
> 
> -       init_waitqueue_head(&dsi->irq_wait_queue);
> -
> -       platform_set_drvdata(pdev, dsi);
> -
>         dsi->bridge.of_node = dev->of_node;
>         dsi->bridge.type = DRM_MODE_CONNECTOR_DSI;
> 
> --
> 2.43.0
> 
>